2015-03-30 00:42:26 +00:00
|
|
|
package token
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
2015-03-30 16:21:59 +00:00
|
|
|
"fmt"
|
2015-05-11 18:08:03 +00:00
|
|
|
"os"
|
2015-03-30 00:42:26 +00:00
|
|
|
"os/exec"
|
2015-03-30 17:11:17 +00:00
|
|
|
"path/filepath"
|
2015-05-11 18:08:03 +00:00
|
|
|
"runtime"
|
2015-03-30 17:11:17 +00:00
|
|
|
"strings"
|
2015-04-28 21:52:55 +00:00
|
|
|
|
|
|
|
"github.com/kardianos/osext"
|
2015-03-30 00:42:26 +00:00
|
|
|
)
|
|
|
|
|
2015-04-28 21:52:55 +00:00
|
|
|
var exePath string
|
|
|
|
|
|
|
|
func init() {
|
|
|
|
var err error
|
|
|
|
exePath, err = osext.Executable()
|
|
|
|
if err != nil {
|
|
|
|
panic("failed to detect self path: " + err.Error())
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-03-30 17:11:17 +00:00
|
|
|
// HelperPath takes the configured path to a helper and expands it to
|
|
|
|
// a full absolute path that can be executed. If the path is relative then
|
|
|
|
// a prefix of "vault token-" will be prepended to the path.
|
|
|
|
func HelperPath(path string) string {
|
|
|
|
space := strings.Index(path, " ")
|
|
|
|
if space == -1 {
|
|
|
|
space = len(path)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get the binary name. If it isn't absolute, prepend "vault token-"
|
|
|
|
binary := path[0:space]
|
|
|
|
if !filepath.IsAbs(binary) {
|
2015-04-28 21:52:55 +00:00
|
|
|
binary = exePath + " token-" + binary
|
2015-03-30 17:11:17 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Return the resulting string
|
|
|
|
return fmt.Sprintf("%s%s", binary, path[space:])
|
|
|
|
}
|
|
|
|
|
2015-03-30 00:42:26 +00:00
|
|
|
// Helper is the struct that has all the logic for storing and retrieving
|
|
|
|
// tokens from the token helper. The API for the helpers is simple: the
|
2015-05-12 05:22:33 +00:00
|
|
|
// Path is executed within a shell with environment Env. The last argument
|
|
|
|
// appended will be the operation, which is:
|
2015-03-30 00:42:26 +00:00
|
|
|
//
|
|
|
|
// * "get" - Read the value of the token and write it to stdout.
|
|
|
|
// * "store" - Store the value of the token which is on stdin. Output
|
|
|
|
// nothing.
|
|
|
|
// * "erase" - Erase the contents stored. Output nothing.
|
|
|
|
//
|
|
|
|
// Any errors can be written on stdout. If the helper exits with a non-zero
|
|
|
|
// exit code then the stderr will be made part of the error value.
|
|
|
|
type Helper struct {
|
|
|
|
Path string
|
2015-05-12 05:22:33 +00:00
|
|
|
Env []string
|
2015-03-30 00:42:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Erase deletes the contents from the helper.
|
|
|
|
func (h *Helper) Erase() error {
|
2015-05-11 18:08:03 +00:00
|
|
|
cmd, err := h.cmd("erase")
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("Error: %s", err)
|
|
|
|
}
|
2015-03-30 16:21:59 +00:00
|
|
|
if output, err := cmd.CombinedOutput(); err != nil {
|
|
|
|
return fmt.Errorf(
|
|
|
|
"Error: %s\n\n%s", err, string(output))
|
|
|
|
}
|
|
|
|
return nil
|
2015-03-30 00:42:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Get gets the token value from the helper.
|
|
|
|
func (h *Helper) Get() (string, error) {
|
2015-03-30 16:21:59 +00:00
|
|
|
var buf, stderr bytes.Buffer
|
2015-05-11 18:08:03 +00:00
|
|
|
cmd, err := h.cmd("get")
|
|
|
|
if err != nil {
|
|
|
|
return "", fmt.Errorf("Error: %s", err)
|
|
|
|
}
|
2015-03-30 00:42:26 +00:00
|
|
|
cmd.Stdout = &buf
|
2015-03-30 16:21:59 +00:00
|
|
|
cmd.Stderr = &stderr
|
2015-03-30 00:42:26 +00:00
|
|
|
if err := cmd.Run(); err != nil {
|
2015-03-30 16:21:59 +00:00
|
|
|
return "", fmt.Errorf(
|
|
|
|
"Error: %s\n\n%s", err, stderr.String())
|
2015-03-30 00:42:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return buf.String(), nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Store stores the token value into the helper.
|
|
|
|
func (h *Helper) Store(v string) error {
|
|
|
|
buf := bytes.NewBufferString(v)
|
2015-05-11 18:08:03 +00:00
|
|
|
cmd, err := h.cmd("store")
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("Error: %s", err)
|
|
|
|
}
|
2015-03-30 00:42:26 +00:00
|
|
|
cmd.Stdin = buf
|
2015-03-30 16:21:59 +00:00
|
|
|
if output, err := cmd.CombinedOutput(); err != nil {
|
|
|
|
return fmt.Errorf(
|
|
|
|
"Error: %s\n\n%s", err, string(output))
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
2015-03-30 00:42:26 +00:00
|
|
|
}
|
|
|
|
|
2015-05-11 18:08:03 +00:00
|
|
|
func (h *Helper) cmd(op string) (*exec.Cmd, error) {
|
|
|
|
script := strings.Replace(h.Path, "\\", "\\\\", -1) + " " + op
|
2015-05-12 05:22:33 +00:00
|
|
|
cmd, err := ExecScript(script)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
cmd.Env = h.Env
|
|
|
|
return cmd, nil
|
2015-05-11 18:08:03 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// ExecScript returns a command to execute a script
|
|
|
|
func ExecScript(script string) (*exec.Cmd, error) {
|
|
|
|
var shell, flag string
|
|
|
|
if runtime.GOOS == "windows" {
|
|
|
|
shell = "cmd"
|
|
|
|
flag = "/C"
|
|
|
|
} else {
|
|
|
|
shell = "/bin/sh"
|
|
|
|
flag = "-c"
|
|
|
|
}
|
|
|
|
if other := os.Getenv("SHELL"); other != "" {
|
|
|
|
shell = other
|
|
|
|
}
|
|
|
|
cmd := exec.Command(shell, flag, script)
|
|
|
|
return cmd, nil
|
2015-03-30 00:42:26 +00:00
|
|
|
}
|